America's JobLink Suffers Security Breach

A third-party hacker exploited a flaw in America's JobLink application code to access the information of job seekers from 10 states.

America's JobLink (AJL) was recently the victim of a security breach when a hacker exploited a flaw in its application code to gain unauthorized access to information of job seekers in 10 states. AJL, a multi-state system which links job seekers with employers, has since identified and eliminated the code misconfiguration.

AJL said on March 21 that names, birthdates, and Social Security Numbers of applicants from Alabama, Arizona, Arkansas, Idaho, Delaware, Illinois, Kansas, Maine, Oklahoma, and Vermont were illegally accessed by an outside source. It explained that the code misconfiguration was introduced into the system through an update last October.

AJL is currently working with the FBI to apprehend the hacker while a forensic firm is carrying out a detailed examination of the hacked accounts.

Dark Reading's Quick Hits delivers a brief synopsis and summary of the significance of breaking news events. For more information from the original source of the news item, please follow the link provided in this article. View Full Bio

Online attackers are constantly developing new, innovative ways to break into the enterprise. This Dark Reading Tech Digest gives an in-depth look at five emerging attack trends and exploits your security team should look out for, along with helpful recommendations on how you can prevent your organization from falling victim.

An exploitable vulnerability exists in the verified boot protection of the Das U-Boot from version 2013.07-rc1 to 2014.07-rc2. The affected versions lack proper FIT signature enforcement, which allows an attacker to bypass U-Boot's verified boot and execute an unsigned kernel, embedded in a legacy i...